[advisory]
id = "HSEC-2023-0002"
cwe = [347]
keywords = ["crypto", "historical"]
aliases = ["CVE-2022-31053"]
related = ["GHSA-75rw-34q6-72cr"]

[[affected]]
package = "biscuit-haskell"
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
[[affected.versions]]
introduced = "0.1.0.0"
fixed = "0.2.0.0"

[[references]]
type = "REPORT"
url = "https://eprint.iacr.org/2020/1484"
[[references]]
type = "ADVISORY"
url = "https://github.com/biscuit-auth/biscuit/security/advisories/GHSA-75rw-34q6-72cr"

Improper Verification of Cryptographic Signature

The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid Γ-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandates a different algorithm than gamma signatures and as such is not affected by this vulnerability.